--- /dev/null
+http://savannah.gnu.org/bugs/?23934
+
+http://savannah.gnu.org/file/wget-1.12-subjectAltNames.diff?file_id=18828
+
+diff --git a/src/openssl.c b/src/openssl.c
+index b55ca8b..b036a3b 100644
+--- a/src/openssl.c
++++ b/src/openssl.c
+@@ -39,7 +39,7 @@ as that of the covered work. */
+ #include <string.h>
+
+ #include <openssl/ssl.h>
+-#include <openssl/x509.h>
++#include <openssl/x509v3.h>
+ #include <openssl/err.h>
+ #include <openssl/rand.h>
+
+@@ -486,9 +486,11 @@ bool
+ ssl_check_certificate (int fd, const char *host)
+ {
+ X509 *cert;
++ GENERAL_NAMES *subjectAltNames;
+ char common_name[256];
+ long vresult;
+ bool success = true;
++ bool alt_name_checked = false;
+
+ /* If the user has specified --no-check-cert, we still want to warn
+ him about problems with the server's certificate. */
+@@ -558,10 +560,6 @@ ssl_check_certificate (int fd, const char *host)
+ /* Check that HOST matches the common name in the certificate.
+ #### The following remains to be done:
+
+- - It should use dNSName/ipAddress subjectAltName extensions if
+- available; according to rfc2818: "If a subjectAltName extension
+- of type dNSName is present, that MUST be used as the identity."
+-
+ - When matching against common names, it should loop over all
+ common names and choose the most specific one, i.e. the last
+ one, not the first one, which the current code picks.
+@@ -569,51 +567,123 @@ ssl_check_certificate (int fd, const char *host)
+ - Ensure that ASN1 strings from the certificate are encoded as
+ UTF-8 which can be meaningfully compared to HOST. */
+
+- X509_NAME *xname = X509_get_subject_name(cert);
+- common_name[0] = '\0';
+- X509_NAME_get_text_by_NID (xname, NID_commonName, common_name,
+- sizeof (common_name));
++ subjectAltNames = X509_get_ext_d2i (cert, NID_subject_alt_name, NULL, NULL);
+
+- if (!pattern_match (common_name, host))
++ if (subjectAltNames)
+ {
+- logprintf (LOG_NOTQUIET, _("\
+-%s: certificate common name %s doesn't match requested host name %s.\n"),
+- severity, quote_n (0, common_name), quote_n (1, host));
+- success = false;
++ /* Test subject alternative names */
++
++ /* Do we want to check for dNSNAmes or ipAddresses (see RFC 2818)?
++ * Signal it by host_in_octet_string. */
++ ASN1_OCTET_STRING *host_in_octet_string = NULL;
++ host_in_octet_string = a2i_IPADDRESS (host);
++
++ int numaltnames = sk_GENERAL_NAME_num (subjectAltNames);
++ int i;
++ for (i=0; i < numaltnames; i++)
++ {
++ const GENERAL_NAME *name =
++ sk_GENERAL_NAME_value (subjectAltNames, i);
++ if (name)
++ {
++ if (host_in_octet_string)
++ {
++ if (name->type == GEN_IPADD)
++ {
++ /* Check for ipAddress */
++ /* TODO: Should we convert between IPv4-mapped IPv6
++ * addresses and IPv4 addresses? */
++ alt_name_checked = true;
++ if (!ASN1_STRING_cmp (host_in_octet_string,
++ name->d.iPAddress))
++ break;
++ }
++ }
++ else if (name->type == GEN_DNS)
++ {
++ /* Check for dNSName */
++ alt_name_checked = true;
++ /* dNSName should be IA5String (i.e. ASCII), however who
++ * does trust CA? Convert it into UTF-8 for sure. */
++ unsigned char *name_in_utf8 = NULL;
++ if (0 <= ASN1_STRING_to_UTF8 (&name_in_utf8, name->d.dNSName))
++ {
++ /* Compare and check for NULL attack in ASN1_STRING */
++ if (pattern_match ((char *)name_in_utf8, host) &&
++ (strlen ((char *)name_in_utf8) ==
++ ASN1_STRING_length (name->d.dNSName)))
++ {
++ OPENSSL_free (name_in_utf8);
++ break;
++ }
++ OPENSSL_free (name_in_utf8);
++ }
++ }
++ }
++ }
++ sk_GENERAL_NAME_free (subjectAltNames);
++ if (host_in_octet_string)
++ ASN1_OCTET_STRING_free(host_in_octet_string);
++
++ if (alt_name_checked == true && i >= numaltnames)
++ {
++ logprintf (LOG_NOTQUIET,
++ _("%s: no certificate subject alternative name matches\n"
++ "\trequested host name %s.\n"),
++ severity, quote_n (1, host));
++ success = false;
++ }
+ }
+- else
++
++ if (alt_name_checked == false)
+ {
+- /* We now determine the length of the ASN1 string. If it differs from
+- * common_name's length, then there is a \0 before the string terminates.
+- * This can be an instance of a null-prefix attack.
+- *
+- * https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
+- * */
+-
+- int i = -1, j;
+- X509_NAME_ENTRY *xentry;
+- ASN1_STRING *sdata;
+-
+- if (xname) {
+- for (;;)
+- {
+- j = X509_NAME_get_index_by_NID (xname, NID_commonName, i);
+- if (j == -1) break;
+- i = j;
+- }
+- }
++ /* Test commomName */
++ X509_NAME *xname = X509_get_subject_name(cert);
++ common_name[0] = '\0';
++ X509_NAME_get_text_by_NID (xname, NID_commonName, common_name,
++ sizeof (common_name));
+
+- xentry = X509_NAME_get_entry(xname,i);
+- sdata = X509_NAME_ENTRY_get_data(xentry);
+- if (strlen (common_name) != ASN1_STRING_length (sdata))
++ if (!pattern_match (common_name, host))
+ {
+ logprintf (LOG_NOTQUIET, _("\
+-%s: certificate common name is invalid (contains a NUL character).\n\
+-This may be an indication that the host is not who it claims to be\n\
+-(that is, it is not the real %s).\n"),
+- severity, quote (host));
++ %s: certificate common name %s doesn't match requested host name %s.\n"),
++ severity, quote_n (0, common_name), quote_n (1, host));
+ success = false;
+ }
++ else
++ {
++ /* We now determine the length of the ASN1 string. If it differs from
++ * common_name's length, then there is a \0 before the string terminates.
++ * This can be an instance of a null-prefix attack.
++ *
++ * https://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#Marlinspike
++ * */
++
++ int i = -1, j;
++ X509_NAME_ENTRY *xentry;
++ ASN1_STRING *sdata;
++
++ if (xname) {
++ for (;;)
++ {
++ j = X509_NAME_get_index_by_NID (xname, NID_commonName, i);
++ if (j == -1) break;
++ i = j;
++ }
++ }
++
++ xentry = X509_NAME_get_entry(xname,i);
++ sdata = X509_NAME_ENTRY_get_data(xentry);
++ if (strlen (common_name) != ASN1_STRING_length (sdata))
++ {
++ logprintf (LOG_NOTQUIET, _("\
++ %s: certificate common name is invalid (contains a NUL character).\n\
++ This may be an indication that the host is not who it claims to be\n\
++ (that is, it is not the real %s).\n"),
++ severity, quote (host));
++ success = false;
++ }
++ }
+ }
+
+
+@@ -631,3 +701,7 @@ To connect to %s insecurely, use `--no-check-certificate'.\n"),
+ /* Allow --no-check-cert to disable certificate checking. */
+ return opt.check_cert ? success : true;
+ }
++
++/*
++ * vim: tabstop=2 shiftwidth=2 softtabstop=2
++ */
projects / packages / wget.git / commitdiff